Access-Reject based on internet usage?
Bacsó Márton Károly
bacsom at hotmail.com
Tue May 5 08:32:12 CEST 2015
Dear FreeRadius users!
I work in a secondary school in Hungary. We are trying to achieve complete WiFi coverage in the building with several TP-LINK WA901ND APs (running OpenWRT 14.07). I have successfully installed Freeradius 2.1.12 and Daloradius 0.9-9 on a Raspberry Pi B+. The system works great with many freeradius check attributes, but I have failed to implement any kind of usage limit based on downloads or uploads.
The AP sends the neccessary information to the server, because I can see daily/weekly/monthly/total internet usage statistics , but even if a user is over their quota the system gives them Access-Accept message. I know that without any captive portals, I won't be able to work with most of the reply attributes, but that is not I want to achieve. All I want is an Access-Reject message to the AP. (and to make my wish even more simple the 4Gb limit is enough for me)
I am really newbie with Linux, so forgive me if I write anything stupid. What I already tried is to follow the way I did with time based logins and add the following lines to these files.
******************************************
***
modules/Counter
***
counter maxmonthlydownload {
filename = ${db_dir}/db.maxmonthlydownload
key = User-Name
count-attribute = Acct-Output-Octets
reset = monthly
counter-name = Monthly-Output-Octets
check-name = CS-Output-Octets-Monthly
cache-size = 5000
}
counter maxmonthlyupload {
filename = ${db_dir}/db.maxmonthlyupload
key = User-Name
count-attribute = Acct-Input-Octets
reset = monthly
counter-name = Monthly-Input-Octets
check-name = CS-Input-Octets-Monthly
cache-size = 5000
}
***
sql/mysql/counter.conf
***
sqlcounter maxmonthlydownloadcounter {
counter-name = Monthly-Output-Octets
check-name = CS-Output-Octets-Monthly
sqlmod-inst = sql
key = User-Name
reset = monthly
query = "SELECT IFNULL(SUM(AcctOutputOctets),0) FROM radacct WHERE UserName='%{%k}' AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'"
}
sqlcounter maxmonthlyuploadcounter {
counter-name = Monthly-Input-Octets
check-name = CS-Input-Octets-Monthly
sqlmod-inst = sql
key = User-Name
reset = monthly
query = "SELECT IFNULL(SUM(AcctInputOctets),0) FROM radacct WHERE UserName='%{%k}' AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'"
}
***
sites-available/default
***
maxmonthlydownload
maxmonthlyupload
******************************************
Unfortunately it doesn't work. When I test the user name in the terminal window it gives Access-Accept, no matter what. What is interesting is that when I add any session time attributes I can see that in the terminal under Access-Accept message, but with Octets there is nothing.
Any help would be appreciated!
Márton Bacsó
Bacsó Márton Károly
bacsom at hotmail.com
M.: +36 20 3315753
http://digilecke.com
http://www.bacsomarton.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: counter
Type: application/octet-stream
Size: 3769 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150505/a0e68388/attachment-0002.obj>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: counter.conf
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150505/a0e68388/attachment-0001.ksh>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: default
Type: application/octet-stream
Size: 18585 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150505/a0e68388/attachment-0003.obj>
More information about the Freeradius-Users
mailing list